Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-35619 | 5.3 (v4.0) 4.3 (v3.1) | OpenClaw < 2026.3.24 - Authorization Bypass via HTTP /… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:08.449Z | 2026-04-13T18:06:28.539Z |
| cve-2026-35596 | Vikunja has Broken Access Control on Label Read via SQ… |
go-vikunja |
vikunja |
2026-04-10T15:59:43.255Z | 2026-04-14T14:51:51.537Z | |
| cve-2026-35595 | Vikunja Affected by Privilege Escalation via Project R… |
go-vikunja |
vikunja |
2026-04-10T15:58:32.658Z | 2026-04-10T18:16:18.230Z | |
| cve-2026-35594 | Vikunja Link Share JWT tokens remain valid for 72 hour… |
go-vikunja |
vikunja |
2026-04-10T15:55:04.929Z | 2026-04-14T14:32:15.339Z | |
| cve-2026-40228 | 2.9 (v3.1) | In systemd 259, systemd-journald can send ANSI es… |
systemd |
systemd |
2026-04-10T15:48:44.215Z | 2026-04-10T17:27:22.882Z |
| cve-2026-40023 | 6.3 (v4.0) | Apache Log4cxx, Apache Log4cxx (Conan), Apache Log4cxx… |
Apache Software Foundation |
Apache Log4cxx |
2026-04-10T15:45:52.895Z | 2026-04-10T17:29:20.009Z |
| cve-2026-34727 | Vikunja ahs a TOTP Two-Factor Authentication Bypass vi… |
go-vikunja |
vikunja |
2026-04-10T15:45:30.662Z | 2026-04-13T15:37:32.071Z | |
| cve-2026-40021 | 6.3 (v4.0) | Apache Log4net: Silent log event loss in XmlLayout and… |
Apache Software Foundation |
Apache Log4net |
2026-04-10T15:44:17.451Z | 2026-04-10T17:35:01.228Z |
| cve-2026-34481 | 6.3 (v4.0) | Apache Log4j JSON Template Layout: Improper serializat… |
Apache Software Foundation |
Apache Log4j JSON Template Layout |
2026-04-10T15:43:00.100Z | 2026-04-10T17:41:38.229Z |
| cve-2026-34480 | 6.9 (v4.0) | Apache Log4j Core: Silent log event loss in XmlLayout … |
Apache Software Foundation |
Apache Log4j Core |
2026-04-10T15:42:03.843Z | 2026-04-10T17:45:07.434Z |
| cve-2026-34479 | 6.9 (v4.0) | Apache Log4j 1 to Log4j 2 bridge: Silent log event los… |
Apache Software Foundation |
Apache Log4j 1 to Log4j 2 bridge |
2026-04-10T15:41:07.888Z | 2026-04-10T17:47:34.402Z |
| cve-2026-34478 | 6.9 (v4.0) | Apache Log4j Core: Log injection in Rfc5424Layout due … |
Apache Software Foundation |
Apache Log4j Core |
2026-04-10T15:40:17.713Z | 2026-04-10T17:50:12.484Z |
| cve-2026-34477 | 6.3 (v4.0) | Apache Log4j Core: verifyHostName attribute silently i… |
Apache Software Foundation |
Apache Log4j Core |
2026-04-10T15:36:19.740Z | 2026-04-10T17:38:57.154Z |
| cve-2026-29043 | HDF5 H5T__ref_mem_setnull Heap Buffer Overflow |
HDFGroup |
hdf5 |
2026-04-10T15:35:51.682Z | 2026-04-14T14:50:46.566Z | |
| cve-2026-40227 | 6.2 (v3.1) | In systemd 260 before 261, a local unprivileged u… |
systemd |
systemd |
2026-04-10T15:19:51.433Z | 2026-04-14T14:49:32.971Z |
| cve-2026-40226 | 6.4 (v3.1) | In nspawn in systemd 233 through 259 before 260, … |
systemd |
systemd |
2026-04-10T15:18:10.447Z | 2026-04-14T14:48:20.451Z |
| cve-2026-40225 | 6.4 (v3.1) | In udev in systemd before 260, local root executi… |
systemd |
systemd |
2026-04-10T15:16:19.827Z | 2026-04-14T14:40:30.611Z |
| cve-2026-40224 | 6.7 (v3.1) | In systemd 259 before 260, there is local privile… |
systemd |
systemd |
2026-04-10T15:14:21.904Z | 2026-04-10T18:13:05.818Z |
| cve-2026-29002 | 8.6 (v4.0) 7.2 (v3.1) | CouchCMS Privilege Escalation via f_k_levels_list Parameter |
CouchCMS |
CouchCMS |
2026-04-10T15:11:43.411Z | 2026-04-10T16:20:02.847Z |
| cve-2026-40223 | 4.7 (v3.1) | In systemd 258 before 260, a local unprivileged u… |
systemd |
systemd |
2026-04-10T15:10:56.605Z | 2026-04-15T14:42:11.727Z |
| cve-2026-40217 | 8.8 (v3.1) | LiteLLM through 2026-04-08 allows remote attacker… |
BerriAI |
LiteLLM |
2026-04-10T13:43:23.147Z | 2026-04-14T14:39:03.619Z |
| cve-2026-6069 | N/A | CVE-2026-6069 |
NASM |
NASM |
2026-04-10T13:30:48.302Z | 2026-04-10T14:53:37.082Z |
| cve-2026-6068 | N/A | CVE-2026-6068 |
NASM |
NASM |
2026-04-10T13:30:38.420Z | 2026-04-10T14:56:52.908Z |
| cve-2026-6067 | N/A | CVE-2026-6067 |
NASM |
NASM |
2026-04-10T13:30:26.140Z | 2026-04-10T14:58:07.818Z |
| cve-2025-58920 | 7.1 (v3.1) | WordPress Cerato theme <= 2.2.18 - Reflected Cross Sit… |
Zootemplate |
Cerato |
2026-04-10T13:25:31.611Z | 2026-04-10T14:07:44.099Z |
| cve-2025-58913 | 8.1 (v3.1) | WordPress VideoPro theme <= 2.3.8.1 - Local File Inclu… |
CactusThemes |
VideoPro |
2026-04-10T13:21:05.820Z | 2026-04-13T18:05:51.935Z |
| cve-2025-5804 | 7.5 (v3.1) | WordPress Case Theme User < 1.0.4 - Local File Inclusi… |
Case Themes |
Case Theme User |
2026-04-10T13:19:43.457Z | 2026-04-13T18:06:05.475Z |
| cve-2026-33092 | 7.8 (v3.0) | Local privilege escalation due to improper handli… |
Acronis |
Acronis True Image OEM |
2026-04-10T13:17:45.275Z | 2026-04-14T03:55:40.860Z |
| cve-2026-5412 | 9.9 (v3.1) | Juju CloudSpec API could leak senstive information |
Canonical |
Juju |
2026-04-10T12:22:05.403Z | 2026-04-10T14:04:30.155Z |
| cve-2026-5774 | 6.1 (v4.0) | Juju API Server Denial of Service and Authentication R… |
Canonical |
Juju |
2026-04-10T12:10:55.634Z | 2026-04-10T12:41:28.720Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2014-000053 | JustSystems Online Update Program bundled with JustSystems products vulnerable to arbitrary code execution | 2014-06-11T12:22+09:00 | 2014-06-17T16:25+09:00 |
| jvndb-2014-000048 | OpenSSL improper handling of Change Cipher Spec message | 2014-06-06T13:48+09:00 | 2016-12-27T11:49+09:00 |
| jvndb-2014-000046 | CN8000 vulnerable to denial-of-service (DoS) | 2014-06-04T14:37+09:00 | 2014-06-06T18:35+09:00 |
| jvndb-2014-000047 | SOY CMS vulnerable to cross-site scripting | 2014-06-04T14:32+09:00 | 2014-06-06T18:34+09:00 |
| jvndb-2014-000044 | intra-mart vulnerable to open redirect | 2014-05-08T12:46+09:00 | 2014-05-12T17:45+09:00 |
| jvndb-2014-000042 | Cybozu Garoon Phone Messages vulnerable to denial-of-service (DoS) | 2014-04-30T15:14+09:00 | 2014-05-14T10:50+09:00 |
| jvndb-2014-000043 | Cybozu Garoon API access restriction bypass vulnerability | 2014-04-30T15:08+09:00 | 2014-05-08T18:06+09:00 |
| jvndb-2014-000045 | Apache Struts vulnerable to ClassLoader manipulation | 2014-04-25T15:37+09:00 | 2015-05-08T18:01+09:00 |
| jvndb-2014-000038 | TOSHIBA TEC e-Studio series vulnerable to cross-site request forgery | 2014-04-18T14:30+09:00 | 2014-04-28T18:11+09:00 |
| jvndb-2014-000039 | Cybozu Remote Service Manager vulnerable to denial-of-service (DoS) | 2014-04-18T13:40+09:00 | 2014-04-28T18:13+09:00 |
| jvndb-2014-000040 | Cybozu Remote Service Manager vulnerable to session fixation | 2014-04-18T13:35+09:00 | 2014-04-28T18:14+09:00 |
| jvndb-2014-000037 | AndExplorer vulnerable to directory traversal | 2014-04-18T12:39+09:00 | 2014-04-28T18:12+09:00 |
| jvndb-2014-000041 | Redmine vulnerable to open redirect | 2014-04-16T15:06+09:00 | 2014-04-16T15:06+09:00 |
| jvndb-2014-000036 | Content Provider in CamiApp for Android fails to restrict access permissions | 2014-04-14T13:45+09:00 | 2014-04-21T18:34+09:00 |
| jvndb-2014-000035 | SD Card Manager vulnerable to directory traversal | 2014-04-11T13:43+09:00 | 2014-04-16T18:22+09:00 |
| jvndb-2014-000033 | ES File Explorer vulnerable to directory traversal | 2014-03-20T14:05+09:00 | 2014-03-24T18:50+09:00 |
| jvndb-2014-000032 | Silex vulnerable to cross-site scripting | 2014-03-20T14:02+09:00 | 2014-03-24T18:27+09:00 |
| jvndb-2014-000029 | sp mode mail vulnerability where Java methods may be executed | 2014-03-18T14:09+09:00 | 2014-03-25T19:25+09:00 |
| jvndb-2014-000028 | sp mode mail issue where emails in the process of creation may be accessed | 2014-03-18T14:08+09:00 | 2014-03-25T19:24+09:00 |
| jvndb-2014-000027 | sp mode mail issue when accessing attachments in incoming mail | 2014-03-18T14:07+09:00 | 2014-03-24T19:04+09:00 |
| jvndb-2014-000031 | Unzipper vulnerable to directory traversal | 2014-03-17T13:45+09:00 | 2014-03-19T15:15+09:00 |
| jvndb-2014-000030 | Demaecan for Android. contains an issue where it fails to verify SSL server certificates | 2014-03-17T13:43+09:00 | 2014-03-19T15:14+09:00 |
| jvndb-2014-001594 | JP1/File Transmission Server / FTP vulnerable to access control violation | 2014-03-11T16:33+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-001593 | JP1/Integrated Management - Service Support vulnerable to cross-site scripting | 2014-03-11T15:54+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-000024 | Cybozu Garoon vulnerable to SQL injection | 2014-02-26T15:23+09:00 | 2014-03-03T18:42+09:00 |
| jvndb-2014-000023 | Cybozu Garoon vulnerable to directory traversal | 2014-02-26T15:22+09:00 | 2014-03-03T18:44+09:00 |
| jvndb-2014-000022 | Denny's App for Android. contains an issue where it fails to verify SSL server certificates | 2014-02-26T15:21+09:00 | 2014-03-03T18:49+09:00 |
| jvndb-2014-000021 | Cybozu Garoon vulnerable to session management | 2014-02-26T15:21+09:00 | 2014-03-03T18:45+09:00 |
| jvndb-2014-000026 | Norman Security Suite vulnerable to privilege escalation | 2014-02-26T15:20+09:00 | 2014-03-03T18:47+09:00 |
| jvndb-2014-000025 | XooNIps vulnerable to cross-site scripting | 2014-02-26T15:19+09:00 | 2014-03-03T18:50+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0559 | Multiples vulnérabilités dans Microsoft Azure | 2024-07-10T00:00:00.000000 | 2024-07-10T00:00:00.000000 |
| certfr-2024-avi-0558 | Multiples vulnérabilités dans Microsoft .Net | 2024-07-10T00:00:00.000000 | 2024-07-10T00:00:00.000000 |
| certfr-2024-avi-0557 | Multiples vulnérabilités dans Microsoft Windows | 2024-07-10T00:00:00.000000 | 2024-07-10T00:00:00.000000 |
| certfr-2024-avi-0556 | Multiples vulnérabilités dans Microsoft Office | 2024-07-10T00:00:00.000000 | 2024-07-10T00:00:00.000000 |
| certfr-2024-avi-0555 | Multiples vulnérabilités dans les produits Mozilla | 2024-07-10T00:00:00.000000 | 2024-07-10T00:00:00.000000 |
| certfr-2024-avi-0554 | Multiples vulnérabilités dans les produits SAP | 2024-07-09T00:00:00.000000 | 2024-07-09T00:00:00.000000 |
| certfr-2024-avi-0552 | Multiples vulnérabilités dans les produits Siemens | 2024-07-09T00:00:00.000000 | 2024-07-09T00:00:00.000000 |
| certfr-2024-avi-0551 | Vulnérabilité OpenSSH dans des systèmes d'exploitation | 2024-07-09T00:00:00.000000 | 2024-07-09T00:00:00.000000 |
| certfr-2024-avi-0550 | Vulnérabilité dans le protocole RADIUS | 2024-07-09T00:00:00.000000 | 2024-07-09T00:00:00.000000 |
| certfr-2024-avi-0549 | Vulnérabilité dans les produits Schneider Electric | 2024-07-09T00:00:00.000000 | 2024-07-09T00:00:00.000000 |
| certfr-2024-avi-0548 | Multiples vulnérabilités dans les produits NetApp | 2024-07-08T00:00:00.000000 | 2024-07-08T00:00:00.000000 |
| certfr-2024-avi-0547 | Multiples vulnérabilités dans les produits IBM | 2024-07-05T00:00:00.000000 | 2024-07-05T00:00:00.000000 |
| certfr-2024-avi-0546 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-07-05T00:00:00.000000 | 2024-07-05T00:00:00.000000 |
| certfr-2024-avi-0545 | Vulnérabilité dans VMware Cloud Director Availability | 2024-07-05T00:00:00.000000 | 2024-07-05T00:00:00.000000 |
| certfr-2024-avi-0544 | Vulnérabilité dans Apache HTTP Server | 2024-07-05T00:00:00.000000 | 2024-07-05T00:00:00.000000 |
| certfr-2024-avi-0543 | Vulnérabilité dans Apache Tomcat | 2024-07-04T00:00:00.000000 | 2024-07-04T00:00:00.000000 |
| certfr-2024-avi-0542 | Vulnérabilité dans MongoDB | 2024-07-04T00:00:00.000000 | 2024-07-04T00:00:00.000000 |
| certfr-2024-avi-0541 | Multiples vulnérabilités dans les produits Splunk | 2024-07-04T00:00:00.000000 | 2024-07-04T00:00:00.000000 |
| certfr-2024-avi-0540 | Multiples vulnérabilités dans Python | 2024-07-04T00:00:00.000000 | 2024-07-04T00:00:00.000000 |
| certfr-2024-avi-0539 | Vulnérabilité OpenSSH dans des systèmes d'exploitation | 2024-07-03T00:00:00.000000 | 2024-07-03T00:00:00.000000 |
| certfr-2024-avi-0538 | Multiples vulnérabilités dans Tenable Identity Exposure | 2024-07-03T00:00:00.000000 | 2024-07-03T00:00:00.000000 |
| certfr-2024-avi-0537 | Multiples vulnérabilités dans MongoDB | 2024-07-03T00:00:00.000000 | 2024-07-03T00:00:00.000000 |
| certfr-2024-avi-0536 | Multiples vulnérabilités dans Google Android | 2024-07-03T00:00:00.000000 | 2024-07-03T00:00:00.000000 |
| certfr-2024-avi-0535 | Multiples vulnérabilités dans les produits Splunk | 2024-07-02T00:00:00.000000 | 2024-07-02T00:00:00.000000 |
| certfr-2024-avi-0534 | Vulnérabilité dans Juniper Networks Junos OS | 2024-07-02T00:00:00.000000 | 2024-07-02T00:00:00.000000 |
| certfr-2024-avi-0533 | Multiples vulnérabilités dans Apache HTTP Server | 2024-07-02T00:00:00.000000 | 2024-07-02T00:00:00.000000 |
| certfr-2024-avi-0532 | Vulnérabilité dans Cisco NX-OS | 2024-07-02T00:00:00.000000 | 2024-07-02T00:00:00.000000 |
| certfr-2024-avi-0531 | Multiples vulnérabilités dans OpenSSH | 2024-07-01T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-avi-0530 | Multiples vulnérabilités dans les produits NetApp | 2024-07-01T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-avi-0529 | Multiples vulnérabilités dans les produits IBM | 2024-06-28T00:00:00.000000 | 2024-06-28T00:00:00.000000 |